2023 Israel-Hamas War: Understand your organization’s traffic bound for/from affected regions

  • 13 October 2023
  • 0 replies
  • 74 views
2023 Israel-Hamas War: Understand your organization’s traffic bound for/from affected regions
Userlevel 4
Badge +13

 

With events rapidly unfolding in Israel and Gaza, it is important for organizations to get visibility into their traffic bound for these regions or originating from them. Use these two dashboards to understand traffic coming from and destined for Israel (Country Code: IL) and Palestinian Territory (Country Code: PS). 

 

The dashboards provide insights into:

 

  • Visuals to understand which traffic flows (events) are sourced from and destined for Israel and Palestinian Territory
  • Originating user and application context for the generated traffic
  • Threats (i.e. Alerts) detected , along with the types of threats, policies, and resulting actions (blocks, allows, etc.)
  • Traffic flows (events) from and to any countries of interest by adjusting the dashboard filters on top

 

 

 

Please Note:

 

  • With the exception of the Policies, Alerts & Actions visualization, this dashboard does not distinguish between blocked/allowed traffic. Further analysis is required to ascertain the context and outcome of network events.
  • GeoIP assignments are dynamically changing, and blocking legitimate network traffic may have adverse effects. As such, we recommend researching destination address space using authoritative sources such as BGP and WHOIS before implementing policies using large IP address ranges/CIDR blocks.

 

Recommendations:

 

  • Ensure that the Netskope client is enabled and connected to the Netskope cloud. Educate your users. Stay vigilant.
  • Visit our resource center frequently to get updates on the evolving threat landscape, learn about the protections within Netskope products, and get additional insights to heighten your defenses.
  • Monitor the Netskope blog for the latest research and threat information. The security of our customers is our priority, and we encourage all organizations to apply recommended protections and security updates as soon as possible based on their unique risks and business objectives.

0 replies

Be the first to reply!

Reply